More on Upstart

I did a couple of blog posts on Upstart - introducing it in my post Starting and stopping WebLogic automatically using Upstart and doing the same for OID.

I pointed a couple of people at those posts and they told me they wanted more. More explanation, more clarity, and more about how to use Upstart to boot the entire environment.

So in this post I'm going to show how to use Upstart to start the Oracle database, then (once the database is started) start OID and OVD, and only then start OAM and the other WebLogic services.

The first thing I did was convert my Oracle database startup from a SysV-style init script to Upstart. Colm Divilly did the heavy lifting for me and blogged his config file for Ubuntu. I took that and tweaked it for OEL.
This goes in /etc/init/oracledb.conf:

description  "Oracle Database"

# Based on blog post at
# https://cdivilly.wordpress.com/2010/10/28/ubuntu-upstart-script-for-oracle-database/

# The location of the Oracle install
env ORACLE_HOME=/home/oracle/database/product/11.2.0/dbhome_1
# The user to execute Oracle as
env ORACLE=oracle

start on runlevel [2345]
stop on runlevel [016]

expect fork

pre-start script
    logger "Starting Oracle DB"
    su - $ORACLE -c "$ORACLE_HOME/bin/dbstart $ORACLE_HOME"
end script

post-stop script
    logger "Stopping Oracle DB"
    su - $ORACLE -c "$ORACLE_HOME/bin/dbshut $ORACLE_HOME"
end script

Then /etc/init/oid.conf for OID, OVD and the WebLogic server where I run ODSM:

start on started oracledb
stop on stopping oracledb

# This is good for debugging purposes but it's a bad idea to leave
# this on long term.
#console output

# this starts OPMN, OID and OVD
pre-start script
    logger "pre-start for OID/OVD"
    /bin/su - oracle -c "/home/oracle/middleware/asinst_1/bin/opmnctl startall"
    logger "pre-start for OID/OVD complete"
end script

# and this stops them
post-stop script
    logger "pre-stop for OID/OVD complete"
    /bin/su - oracle -c "/home/oracle/middleware/asinst_1/bin/opmnctl stopall"
    logger "pre-stop for OID/OVD complete"
end script

# this is the AdminServer only:
exec /bin/su - oracle -- /home/oracle/middleware/user_projects/domains/IDMDomain/bin/startWebLogic.sh

The important thing there is the "start on started oracledb" stanza. What that says in English is much as you would expect - "start this once the 'oracledb' service is started". The "stop on" does the same for when the database is being stopped; which will cause Upstart to stop OID and OVD before it tries to stop the database.

Upstart works out the dependencies automatically so no need to worry about numbers or pinging the database via sqlplus or tnsping.

The Upstart config for the OAM Server looks the much the same:
/etc/init/oamadminserver.conf

start on started oracledb
stop on stopping oracledb

exec /bin/su - oracle -- /home/oracle/middleware/user_projects/domains/IAMDomain/bin/startWebLogic.sh

Enjoy.

Quickly setup OpenLDAP on Oracle Linux 5

Sometimes you need an LDAP directory for testing but don't need a heavy duty directory like OID, DSEE or OUD. In those cases OpenLDAP suits your needs and it's a quick and easy install.

Last night someone pinged me and asked for help doing just that. I set it up, took some notes and thought I'd share them here.

[root@dogwoodvm ~]# yum install openldap-servers
Loaded plugins: rhnplugin, security
This system is not registered with ULN.
ULN support will be disabled.
Setting up Install Process
Resolving Dependencies
--> Running transaction check

...etc...

Installed:
  openldap-servers.x86_64 0:2.3.43-12.el5_5.3                                                                                                          

Dependency Installed:
  libtool-ltdl.x86_64 0:1.5.22-7.el5_4                                                                                                                 

Complete!

You can find the config files in /etc/openldap

[root@dogwoodvm ~]# cd /etc/openldap/
[root@dogwoodvm openldap]# ls
cacerts  DB_CONFIG.example  ldap.conf  schema  slapd.conf

Make a backup of slapd.conf and then edit the original.
Duplicate these lines and then comment out one of the pair:

#suffix         "dc=my-domain,dc=com"
#rootdn         "cn=Manager,dc=my-domain,dc=com"

Then edit the duplicates you made to reflect your environment. I want the root of my directory to be "dc=oracleateam,dc=com" and the super user account needs to be inside that root. So my config looks like:

suffix          "dc=oracleateam,dc=com"
rootdn          "cn=Manager,dc=oracleateam,dc=com"

You will also need to pick and set the password for that account. A few lines later you'll see this:

# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw                secret
# rootpw                {crypt}ijFYNcSNctBYg

By default the OpenLDAP RPMs ship with the password disabled. In order to allow the administrator to connect and manage the directory contents you need to add a line like so:

rootpw          ABcd1234

If this were a real environment you wouldn't want to put the password in the clear there, but since this is just for testing it's fine. If you want to be more secure even for testing use the slappasswd account to hash the password before pasting it into the slapd.conf file.

Side note: I always use the password ABcd1234 for my test environments - it's 8 characters long, contains uppercase letters, lowercase letters and numbers. It's a weak password but it meets virtually every default password policy I've encountered.

Save the file and then start the OpenLDAP server:

[root@dogwoodvm openldap]# service ldap start
Checking configuration files for slapd:  config file testing succeeded
                                                           [  OK  ]
Starting slapd:                                            [  OK  ]

If you want the OpenLDAP server to start automatically on boot use chkconfig to do that:

[root@dogwoodvm openldap]# chkconfig --level 35 ldap on
[root@dogwoodvm openldap]# chkconfig --list ldap
ldap                0:off     1:off     2:off     3:on     4:off     5:on     6:off

Once you've done that you need to actually create the directory root objects inside the directory. To do that you can use a graphical LDAP editor or just use the command line ldapmodify tool.

[root@dogwoodvm openldap]# yum install openldap-clients
Loaded plugins: rhnplugin, security
This system is not registered with ULN.
ULN support will be disabled.
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package openldap-clients.x86_64 0:2.3.43-12.el5_5.3 set to be updated
--> Finished Dependency Resolution
... etc ...
Installed:
  openldap-clients.x86_64 0:2.3.43-12.el5_5.3                                                                                                          

Complete!

Then use ldapmodify to create the entries.
Run the command:

[root@dogwoodvm openldap]# ldapmodify -D 'cn=Manager,dc=oracleateam,dc=com' -w ABcd1234 -x

Then paste the entry in

dn: dc=oracleateam,dc=com
changetype: add
objectClass: dcObject
objectClass: organizationalUnit
dc: oracleateam
ou: rootobject
description: LDAP Admin

and hit return to leave a blank line. The command should come back and tell you that it's adding an entry, like so:

adding new entry "dc=oracleateam,dc=com"

Then create the Organizational Units (ou) for People and Groups if you want them by pasting these in and hitting return after:

dn: ou=People, dc=oracleateam,dc=com
changetype: add
objectClass: organizationalUnit
ou: People
description: Users

dn: ou=Groups, dc=oracleateam,dc=com
changetype: add
objectClass: organizationalUnit
ou: Groups
description: Groups

Hit ctrl-d to exit and you're done.

Using Avahi/Bonjour to find VNC servers on your local network

This is off topic, but I need to write it down somewhere.

On my home network I have a VNC server running on an Oracle Enterprise Linux box. Since I use DHCP it's not uncommon for the DHCP server to assign a different IP address to the machine each time I bring the machine online. To find the machine's IP address I either have to attach to the console and log in to run "/sbin/ifconfig eth0" or use nmap.

Wouldn't it be great if I could just open my VNC client and have the server just show up in the list?

Yes you can. And the trick is a technology called Zeroconf implemented in a daemon named Avahi on Linux.

In my env I run VNC on :1 (TCP port 5901) so all I had to do was put the following in /etc/avahi/services:

<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
  <name replace-wildcards="yes">%h</name>
  <service>
    <type>_rfb._tcp</type>
    <port>5901</port>
  </service>
</service-group>

Then when I fire up my VNC client this shows up:

(This is from Chicken on the VNC on a Mac).

Hope this helps someone else!